09-10-2007 11:46 PM
Hello,
i done various reseaches within cisco.com and came out a very simplified cmd to correctly perform L2 port-based rate limiting. However when applied into my test switch, i couldnt't see any counters/result captured for 'show polic-map interface'. Can someone advise if this setup is done correctly.
mac access-list extended l2
permit any any
ip access-list extended l3
permit ip any any
class-map match-all L2-traffic
match access-group name l2
class-map match-all L3-traffic
match access-group name l3
!
policy-map Customer-1-policy-ingress
class L2-traffic
police aggregate Customer-1
class L3-traffic
police aggregate Customer-1
interface GigabitEthernet0/1
switchport access vlan 50
spanning-tree portfast
service-policy input Customer-1-policy-ingress
SW01#show policy-map interface
GigabitEthernet0/1
Service-policy input: Customer-1-policy-ingress
Class-map: L2-traffic (match-all)
0 packets, 0 bytes
offered rate 0 bps, drop rate 0 bps
Match: access-group name l2
Class-map: L3-traffic (match-all)
0 packets, 0 bytes
offered rate 0 bps, drop rate 0 bps
Match: access-group name l3
Class-map: class-default (match-any)
0 packets, 0 bytes
offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes
rate 0 bps
Any help is greatly appreciated.
09-17-2007 06:10 AM
Software feature thatcan help you accomplish what you want is QoS. Classify the traffic into class, configure policies applied to those traffic classes, then attach poiliies to interfaces
09-17-2007 08:24 AM
We do rate limiting like this.
class-map IP
match ip dscp default
policy-map 1meg
class IP
police 1000000 19200 exceed-action drop
int gi0/1
service-policy input 1meg
Armin
09-17-2007 06:18 PM
Unlike a router, you won't see the stats with a show policy-map interface. Try "show mls qos interface statistics".
10-23-2007 08:45 AM
Unlike "router", for ordinary Catalyst switch (except ME series), you should apply "srr-queue" to rate limit the traffic on egress interface. If you really want "MQC" like setup, you should consider matching the flow (cef) the traffic instead of a class in the setup.
11-12-2007 11:04 PM
one cannot check policy-map on interfaces the same way as one checks the output on routers.
3500 series switches have there own way on check QOS.
1. Firstly, check qos in enabled on box
mls qos
2. To mark COS value while being part of policy-map that trusts( does not overwrite) the incoming DSCP value, then "mls qos cos policy-map" needs to be enabled.
3. Make a mls qos aggregate-policer & then call the policer in a policy-map on an interface through service-policy.
4. To verify the policer has got applied on a interface. Check show mls qos int <> policer.
5. QOS capability/attribute of above interface
show mls qos interface <>
6. Statistics values through show mls qos interface <> statistics
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: